Solutions and Performance Governance Partner

Company :

Job Description :

JOB SUMMARY

This role is a key expert in ensuring the organization's adherence to rules and standards, primarily by crafting accurate and timely responses to complex requests from external parties about security, privacy, and compliance. A central responsibility involves building and managing a customer-facing platform that transparently showcases the organization's commitment to data protection and regulatory requirements. This individual collaborates across various internal departments, acting as a pivotal partner to coordinate information and provide specialized guidance, ultimately delivering high-quality, compliant external communications and maintaining essential response content.

ESSENTIAL RESPONSIBILITIES

• Trust Center Governance: Strategically develops, owns, and improves of client-facing trust portals as central repositories for compliance and security information.

• Response Management, Communication & Technology: Expertly manages and coordinates responses to complex RFIs, RFPs, and security questionnaires, crafting professional and accurate content and messaging. Possesses exceptional written and verbal communication skills for diverse audiences and is proficient in Microsoft Office Suite and specialized RFP Automation Software.

• Process Governance & Optimization: Establishes, maintains, and ensures adherence to operational standards, driving process efficiency and continuous improvement.

• Strategic Decision-Making & Problem Solving: Interprets complex information, applies judgment, and makes effective strategic decisions for risk and compliance initiatives, proactively resolving complex issues.

• Project & Program Management: Manages complex projects from planning through execution, including strategic planning, resource allocation, and oversight of specialist teams.

• Other duties as assigned or requested.

EXPERIENCE

Required

• 5 years of experience in progressive experience in compliance, risk management, or client-facing response management (RFI/RFP).

• 3 years of experience in project management and/or business process design, overseeing cross-functional initiatives.
  
  

Preferred

• Experience in the healthcare (payer or provider) industry.

• Experience in developing, implementing, or managing a client-facing Trust Center or similar compliance portal.

• Experience with team leadership, coaching, or mentoring.

SKILLS

• Stakeholder & Cross-functional Management: Expert in coordinating and collaborating with diverse internal and external stakeholders (e.g., Sales, Privacy, Compliance, Legal, Regulatory, clients, consultants) to manage relationships and drive consensus.

• Regulatory & Compliance Expertise: Deep understanding and application of regulatory frameworks (NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO), including expert knowledge of healthcare business processes, risk/control frameworks, and assessment methodologies, specifically for RFIs, RFPs, and security questionnaires.

• Trust Center Governance: Strategic development, ownership, and continuous improvement of client-facing trust portals as central repositories for compliance and security information.

• Process Governance & Optimization: Establishes, maintains, and ensures adherence to desk-level procedures and operational standards, driving process efficiency and continuous improvement.

• Response Management: Expertly manages and coordinates responses to complex RFIs, RFPs, and security questionnaires, crafting professional and accurate content, executive summaries, and messaging. Serves as a principal content manager for database responses, ensuring quality and consistency.

• Project & Program Management: Manages complex projects from planning through execution, including strategic planning facilitation, resource allocation, and oversight of specialist teams, ensuring timely and custom deliverables.

• Leadership & Team Oversight: Provides day-to-day leadership, guidance, and mentorship to junior specialists, fostering team development and ensuring high-quality project outcomes.

• Analytical & Strategic Decision-Making: High capacity to interpret complex information, apply judgment, and make effective, strategic decisions for risk and compliance initiatives.

• Communication & Presentation: Exceptional written and verbal communication skills, including proposal writing, for diverse audiences (senior management, board, peer, clients).

• Problem Solving & Issue Resolution: Proactively identifies, manages, and resolves complex issues and outstanding items efficiently.

• Technology Proficiency: Proficient in Microsoft Office Suite and specialized RFP Automation Software.

EDUCATION

Required

• Bachelor’s degree in Business Administration, Information Technology, Risk Management, Compliance, Pre-Law, Marketing, Communications or related field or relevant experience and/or education as determined by the company in lieu of bachelor's degree.

Preferred

• Master's degree in Business Administration, Information Technology, Risk Management, Compliance, Pre-Law, Marketing, Communications or related field.
  
  

LICENSES or CERTIFICATIONS

Required

• None
  
  

Preferred

• Certified Public Accountant (CPA)

• Certified Information Systems Auditor (CISA)

• Certified Information Systems Security Professional (CISSP)

• Project Management Professional (PMP)

Language (Other than English):

None

Travel Required:

Less than 25%

PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS

Position Type

Office-Based or Remote Position

Physical work site required

Frequently

Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.



Compliance Requirement : This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies.


As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy.


Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.

Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.

We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.

For accommodation requests, please contact HR Services Online at [email protected]

California Consumer Privacy Act Employees, Contractors, and Applicants Notice